Today’s businesses require an added layer of protection to ensure that their Microsoft Internet Information Services (IIS) Web Server farms remain running without interruption even if a hacker mounts an attack, or the IIS Server is hit with an indiscriminate worm like CodeRed or Nimda. Further, this solution must be capable of protecting from newly launched attacks, such as the WebDAV buffer overflow vulnerability, should an attacker attempt to utilize an unknown zero-day exploit to compromise an IIS server. Security administrators should consider deploying BeyondTrust’s Enterprise Web Server Protection solution, SecureIIS™. In conjunction with BeyondTrust’s Remote Enterprise Management (REM) Console, SecureIIS allows organizations the centralized data collection and reporting functionality required to keep up with the high speed of today’s sophisticated attackers. Typical Web Server Protection Requirements:
  • Maximum security of critical IIS web servers and content
  • Maximized server uptime; Minimized downtime
  • Ease of enterprise-wide installation and configuration
  • Trusted web server protection without disabling IIS functionality
  • Ability to employ a measured response to new security patches from Microsoft vs. reacting immediately to Microsoft advisories
  • Reduced web management overhead

SecureIIS Summary

Developed by BeyondTrust as the first-ever Microsoft Internet Information Services (IIS) specific application firewall, SecureIIS operates within Microsoft IIS to actively inspect all incoming requests at each stage of data processing and prevent potentially damaging network traffic — whether encrypted or unencrypted — from penetrating Microsoft web servers. SecureIIS is a fully supported enterprise-level solution that is proven to save time and money while providing complete intrusion prevention security for Microsoft IIS web servers. SecureIIS is instantly deployable and provides enterprisewide assurance against known and unknown web server attacks, without disabling the functionality of IIS web servers or relying on a signature database of attacks.